Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
Recent vulnerabilities and exploits
7.5
CVSSv3
CVE-2021-40892
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in validate-color v2.1.0 when handling crafted invalid rgb(a) strings....
Validate Color Project Validate Color 2.1.0
1 Github repository available
NA
CVE-2023-24065
NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name (of a physician, assistant, or billing user) can have a JavaScript payload that is executed upon visiting the /users/2/1 page. This may allow attackers to steal Protected Health Information...
NA
CVE-2023-0566
Static Code Injection in GitHub repository froxlor/froxlor prior to 2.0.10....
NA
CVE-2023-0565
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10....
8.8
CVSSv3
CVE-2020-16898
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'....
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2016 1909
Microsoft Windows Server 2016 2004
Microsoft Windows Server 2019 -
49 Github repositories available
5 Articles available
7.8
CVSSv3
CVE-2020-9992
This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7. This issue is fixed in iOS 14.0 and iPadOS 14.0, Xcode 12.0. An attacker in a privileged network position may be able to execute arbitrary code on...
Apple Iphone Os
Apple Xcode
Apple Ipados
19 Github repositories available
1 Article available
7.5
CVSSv3
CVE-2020-15598
** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has signaled they are disputing our claims." The CVE suggests that there is a security issue with how ModSecurity handles...
Trustwave Modsecurity
Debian Debian Linux 10.0
13 Github repositories available
7.8
CVSSv3
CVE-2020-0041
In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
Google Android -
31 Github repositories available
2 Articles available
7.5
CVSSv3
CVE-2016-7288
The scripting engines in Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7286,...
Microsoft Edge -
1 EDB exploit available
15 Github repositories available
8.8
CVSSv3
CVE-2020-0618
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'....
Microsoft Sql Server 2012
Microsoft Sql Server 2014
Microsoft Sql Server 2016
46 Github repositories available
5 Articles available
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48285
CVE-2023-23621
bypass
CVE-2019-25053
file inclusion
CVE-2023-24055
logic flaw
CVE-2023-23560
CVE-2022-48012
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon